If Banks Can't Solve the Derisking Dilemma, Maybe the Government Will
A growing lack of transparency between some businesses and their banking service providers threatens our ability to effectively manage money laundering and terrorist financing risk.March 31
Cryptocurrency companies and legal marijuana businesses now routinely pay thousands a month for access to basic banking services, which some think reflects their lack of other options more than their real risks.April 10
A spate of recent account closings at churches and charities suggests that Operation Choke Point and other de-risking directives are causing collateral damage to faith-based organizations.January 27
The head of the Financial Action Task Force, an international group that sets money-laundering standards, warns that many foreign institutions are now feeling the effects of the push inside American banks to cut off large swaths of customers.December 29
Banks face a difficult derisking dilemma. They are often caught between conflicting mandates, with regulators instructing them at once to be alert for customers who could be engaged in illegal activities and to continue providing banking services to legal but potentially high-risk businesses.
Some regulators, such as FinCEN, have advised banks that engaging in the wholesale de-risking of an industry is not particularly desirable. But the burden of weighing and mitigating the risk has not lessened. A recent survey conducted by KPMG indicates that the global cost of compliance continues to rise, in some cases by more than 100% year-over-year. In the long term, the cost of non-compliance can far outweigh the short-term benefits-particularly when it is detected by a regulator and comes with accompanying penalties.
There are a number of possible solutions to the issue, at least one of which involves treating banks as a public utility. But the fact remains that in North America, banks are almost entirely privately-owned, for-profit enterprises with strict regulatory controls. These are important factors to remember in the continuing derisking debate. While some banks have taken a stance against the position that they should be treated in any way as public utilities, there can be merit to doing so where private enterprise doesn't bridge the gap.
Between a Rock and a Hard Regulatory Place
Derisking presents a number of challenges for banks. Regulators have identified certain sectors and industries as "vulnerable," meaning that these sectors are at risk for money laundering and terrorist financing. These higher-risk sectors require a higher level of due diligence, which comes at a cost. Banks must weigh how serving these sectors will impact their compliance, finances and reputation.
In some cases, the cost associated with enhanced due diligence outweighs the cost of maintaining certain accounts. In other cases, banks mitigate the problem by charging higher fees to certain types of customers, such as Bitcoin firms and legal marijuana businesses.
Regulators may question banks' decisions to hold accounts for customers in cases where a suspicious activity report has been filed. Regulators also encourage a relatively low threshold at which banks have "reasonable grounds" to suspect customers.
Banks are left to balance the risks and costs of each client relationship, while fearing the consequences of both derisking customers and keeping them.
At a recent conference, one regulator acknowledged the inherent conflict that banks face and suggested that the Financial Action Task Force may not be the best venue for the de-risking debate. According to the regulator, derisking is not only an anti-money-laundering issue but affects broad swaths of the global economy.
One could argue that the same line of reasoning applies to most large-scale financial decisions. But the regulator's remark nonetheless has fascinating implications, particularly as the G-20 and World Bank continue discussions related derisking and global remittance payments.
Correspondent Banking Woes
Money service businesses seem to have been the proverbial canary in the mine, having been deemed high-risk and derisked over several years. Now rumblings of strained relationships within the banking community are on the rise. From a money laundering and terrorist financing perspective, banks themselves are a vulnerable industry.
Since correspondent banking relationships have been identified by regulators across the globe as a vulnerability, many banks are reassessing these relationships. In some cases, community banks and credit unions are already finding it difficult to obtain and maintain the correspondent banking relationships necessary to serve their customers.
International banks are already starting to complain, and we can expect more of the same as the banking sector learns first-hand the challenges experienced by MSBs. However, the banking sector seems more likely to find a solution that will allow it to avoid crippling its own business model.
Unregulated but Vulnerable
While banks scramble to deal with potentially high-risk but regulated sectors, many additional vulnerable sectors remain unregulated. These include many dealers in high-value goods, cash-intensive businesses and much of the retail food and beverage industry. In some cases, such as the 2014 raid on the Los Angeles Fashion District, this has led to specific regulatory advisories and actions. In this case, specific investigations led to evidence of what FinCEN referred to as "pervasive" money-laundering activity via stores in the Fashion District.
The risk related to these sectors has seldom been quantified. While it remains simple to say that cash-intensive businesses and high-value goods are vulnerable, banks are tasked with deciding which of these are risky enough to merit enhanced due diligence. It remains to be seen whether there will be increased pressure for suspicious activity reporting related to these sectors, and if so, whether this will lead to increased de-risking.
No Easy Answers
As pressure mounts, people in the industry are considering both public and private solutions. A banker speaking on derisking recently quipped, "If the government wants to run a bank to bank the businesses we're derisking, they're welcome to do it. We're not a public utility. We have responsibilities to our shareholders."
A government-run bank for businesses likely to be rejected by private banks might not be such a crazy idea. While North America has generally shied away from publicly-operated banks, it could be an idea worth considering if there would be a quantifiably positive economic impact.
Private, for-profit enterprises could also find opportunity in serving customers who have been impacted by de-risking-provided that they could find a way to manage risk in such a way that satisfies regulators. In order for this to be effective, some firms would need to have an appetite to mitigate risk that other banks have deemed "too high" to tolerate. They would be committing to constant regulatory scrutiny, at least at the outset. But for the right organization, the opportunity could be considerable.
There is another option, although it's one that's unlikely to appeal to bankers. Congress could pass laws that would require banks to open and maintain accounts for businesses that were able to meet some standard of due diligence.
This type of action would bring banks closer to the "public utility" concept that they resist. But it would also lessen their regulatory burden to some extent by providing clear guidelines on the minimum standard firms have to achieve to open and maintain a business account with banks. It would also alleviate some of the pressure that banks feel to derisk customers.
There is precedent for this option on a global scale. In some jurisdictions, such as Canada, the right to basic banking services is an entrenched right for individuals (though not for businesses).
I expect that we will see increased interest in a range of potential solutions as banks and other vulnerable sectors-in particular those that have established strong political voices-encounter derisking threats to their operations. There's no denying that AML compliance is important. But compliance should never be so onerous that it threatens our nation's economic foundations.
Amber D. Scott is founder and chief AML "ninja" at
Outlier Solutions Inc. Follow her on Twitter @OutlierCanada.